Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
File:                     5xHIkR7brjbfGoC76BSyWg-UOfo.mft (raw, json)
Hash identifier:          TjCxI4Q+02KLPfJKE60jMG/DmXoDdV5GgPml9Ayo+yw=
Subject key identifier:   C3:50:AB:61:46:F4:F7:CF:F7:B3:B5:47:76:28:D3:5A:FD:BC:1B:5B
Authority key identifier: E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA
Certificate issuer:       /CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
Certificate serial:       019EBE7F7B50F3D0270152912BEF7CE54174
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
Manifest number:          0C76
Signing time:             Sat 13 Jun 2026 01:01:26 +0000
Manifest this update:     Sat 13 Jun 2026 01:01:26 +0000
Manifest next update:     Sun 14 Jun 2026 01:01:26 +0000
Files and hashes:         1: 5xHIkR7brjbfGoC76BSyWg-UOfo.crl (hash: D8ItX1svm5lk6tQ7/9/iefH+AkfAIi3VKaMGIgfu/uQ=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 14 Jun 2026 01:00:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9e:be:7f:7b:50:f3:d0:27:01:52:91:2b:ef:7c:e5:41:74
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e711c8911edbae36df1a80bbe814b25a0f9439fa
        Validity
            Not Before: Jun 13 01:01:26 2026 GMT
            Not After : Jun 14 01:01:26 2026 GMT
        Subject: CN=c350ab6146f4f7cff7b3b5477628d35afdbc1b5b
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:9d:65:de:2a:5e:f2:c0:3d:3b:ff:92:5a:85:
                    8d:94:d9:1d:ad:52:3b:41:5e:a5:b2:b2:a2:36:69:
                    5c:98:6c:14:9f:ef:88:67:f1:24:e9:35:5e:aa:6d:
                    fb:bc:a8:5d:ec:d2:08:e4:db:ba:74:25:98:12:47:
                    f6:81:03:1b:16:a1:da:80:d0:4d:09:49:92:3a:13:
                    8c:09:5c:f9:ed:7a:8d:86:df:42:65:07:dc:1f:6d:
                    33:f7:3d:1b:b6:5d:63:89:46:40:cb:c6:b4:b9:fe:
                    0e:38:45:3c:40:b4:71:c3:fa:d0:e7:14:91:9d:7f:
                    32:42:b1:d0:fd:39:92:ec:61:03:86:c2:26:1b:d1:
                    61:36:e2:3d:5d:79:1c:15:9b:52:15:58:59:00:87:
                    7f:62:91:32:45:98:6c:50:74:de:50:bc:33:83:3a:
                    5c:16:7a:a7:9c:d9:4d:00:de:50:e9:17:2f:c5:d4:
                    81:bb:61:7d:1b:56:a5:3a:e3:ce:09:1e:06:3c:99:
                    6e:4c:ab:f3:80:70:08:3f:f1:da:29:0a:f7:47:1a:
                    88:c1:35:1f:ee:e5:b2:86:ef:5b:f3:ef:f6:8d:45:
                    54:52:65:6a:9e:11:5b:a8:a2:38:ea:7a:32:98:60:
                    b2:72:28:5a:83:39:3c:63:da:d6:cb:7f:ea:1b:77:
                    7d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:50:AB:61:46:F4:F7:CF:F7:B3:B5:47:76:28:D3:5A:FD:BC:1B:5B
            X509v3 Authority Key Identifier:
                keyid:E7:11:C8:91:1E:DB:AE:36:DF:1A:80:BB:E8:14:B2:5A:0F:94:39:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5xHIkR7brjbfGoC76BSyWg-UOfo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/aafc15-1e79-4fe9-9fad-03a4dd4a9156/1/5xHIkR7brjbfGoC76BSyWg-UOfo.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         1c:82:2f:a8:3e:ee:d7:cf:ae:cc:59:f6:26:bd:2e:4f:23:3d:
         fa:06:f1:e6:42:19:ec:ec:36:49:eb:16:67:8c:d2:51:cd:41:
         99:ea:82:1c:e7:a9:cf:cd:80:7b:d3:96:56:b7:89:5d:c8:3c:
         5e:0a:06:2b:37:75:97:e3:e9:33:3a:5c:97:a1:36:b2:91:ef:
         5b:bb:ef:e2:9d:db:80:46:95:36:5d:00:e8:f8:f5:f4:d1:d0:
         34:c2:fd:36:73:95:1d:2f:be:7a:55:74:8f:3a:6c:02:79:6e:
         a9:60:6b:ed:e2:af:33:b6:62:dd:56:6f:89:0d:1e:e8:3c:1d:
         a0:62:15:17:a7:16:6e:55:32:30:25:2e:90:94:52:a3:11:30:
         3e:9f:eb:63:57:15:db:01:08:68:90:53:43:cd:c5:ea:c2:a4:
         0a:79:6a:f1:c9:0c:2a:c0:2c:9b:f3:20:7c:77:11:d9:24:3d:
         ac:d2:f1:16:d7:b5:2a:d3:47:bd:e0:d8:82:f4:62:6c:b0:82:
         c8:20:ea:ed:de:b3:9e:ee:c8:64:ff:93:f7:26:9d:38:51:34:
         07:0d:77:d4:0a:90:2e:43:a0:c7:87:56:08:1a:d6:67:ef:67:
         2e:df:75:ca:a8:83:00:b4:78:dc:7d:ed:bc:65:a0:72:d0:3f:
         5b:8c:3c:d9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6+f3tQ89AnAVKRK+985UF0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3MTFjODkxMWVkYmFlMzZkZjFhODBiYmU4MTRiMjVhMGY5
NDM5ZmEwHhcNMjYwNjEzMDEwMTI2WhcNMjYwNjE0MDEwMTI2WjAzMTEwLwYDVQQD
EyhjMzUwYWI2MTQ2ZjRmN2NmZjdiM2I1NDc3NjI4ZDM1YWZkYmMxYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJ1l3ipe8sA9O/+SWoWNlNkdrVI7
QV6lsrKiNmlcmGwUn++IZ/Ek6TVeqm37vKhd7NII5Nu6dCWYEkf2gQMbFqHagNBN
CUmSOhOMCVz57XqNht9CZQfcH20z9z0btl1jiUZAy8a0uf4OOEU8QLRxw/rQ5xSR
nX8yQrHQ/TmS7GEDhsImG9FhNuI9XXkcFZtSFVhZAId/YpEyRZhsUHTeULwzgzpc
FnqnnNlNAN5Q6RcvxdSBu2F9G1alOuPOCR4GPJluTKvzgHAIP/HaKQr3RxqIwTUf
7uWyhu9b8+/2jUVUUmVqnhFbqKI46noymGCycihagzk8Y9rWy3/qG3d9uwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMNQq2FG9PfP97O1R3Yo01r9vBtbMB8GA1UdIwQY
MBaAFOcRyJEe26423xqAu+gUsloPlDn6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQt
MDNhNGRkNGE5MTU2LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9hYWZjMTUtMWU3OS00ZmU5LTlmYWQtMDNhNGRkNGE5MTU2
LzEvNXhISWtSN2JyamJmR29DNzZCU3lXZy1VT2ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHIIvqD7u
18+uzFn2Jr0uTyM9+gbx5kIZ7Ow2SesWZ4zSUc1BmeqCHOepz82Ae9OWVreJXcg8
XgoGKzd1l+PpMzpcl6E2spHvW7vv4p3bgEaVNl0A6Pj19NHQNML9NnOVHS++elV0
jzpsAnluqWBr7eKvM7Zi3VZviQ0e6DwdoGIVF6cWblUyMCUukJRSoxEwPp/rY1cV
2wEIaJBTQ83F6sKkCnlq8ckMKsAsm/MgfHcR2SQ9rNLxFte1KtNHveDYgvRibLCC
yCDq7d6znu7IZP+T9yadOFE0Bw131AqQLkOgx4dWCBrWZ+9nLt91yqiDALR43H3t
vGWgctA/W4w82Q==
-----END CERTIFICATE-----